Remove restricted static imports
Replace static imports with class referenced methods. With the exception of a few well known static imports, checkstyle restricts the static imports that a class can use. For example, `asList(...)` would be replaced with `Arrays.asList(...)`. Issue gh-8945
+5
-7
@@ -67,6 +67,7 @@ import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||
import org.springframework.security.oauth2.jwt.Jwt;
|
||||
import org.springframework.security.oauth2.jwt.JwtClaimNames;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
|
||||
@@ -89,9 +90,6 @@ import org.springframework.web.server.WebFilter;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
import org.springframework.web.server.adapter.WebHttpHandlerBuilder;
|
||||
|
||||
import static java.lang.Boolean.TRUE;
|
||||
import static org.springframework.security.oauth2.jwt.JwtClaimNames.SUB;
|
||||
|
||||
/**
|
||||
* Test utilities for working with Spring Security and
|
||||
* {@link org.springframework.test.web.reactive.server.WebTestClient.Builder#apply(WebTestClientConfigurer)}.
|
||||
@@ -469,8 +467,8 @@ public class SecurityMockServerConfigurers {
|
||||
* @return the {@link JwtMutator} for further configuration
|
||||
*/
|
||||
public JwtMutator jwt(Consumer<Jwt.Builder> jwtBuilderConsumer) {
|
||||
Jwt.Builder jwtBuilder = Jwt.withTokenValue("token").header("alg", "none").claim(SUB, "user").claim("scope",
|
||||
"read");
|
||||
Jwt.Builder jwtBuilder = Jwt.withTokenValue("token").header("alg", "none").claim(JwtClaimNames.SUB, "user")
|
||||
.claim("scope", "read");
|
||||
jwtBuilderConsumer.accept(jwtBuilder);
|
||||
this.jwt = jwtBuilder.build();
|
||||
return this;
|
||||
@@ -1178,11 +1176,11 @@ public class SecurityMockServerConfigurers {
|
||||
}
|
||||
|
||||
public static void enable(ServerWebExchange exchange) {
|
||||
exchange.getAttributes().put(ENABLED_ATTR_NAME, TRUE);
|
||||
exchange.getAttributes().put(ENABLED_ATTR_NAME, Boolean.TRUE);
|
||||
}
|
||||
|
||||
public boolean isEnabled(ServerWebExchange exchange) {
|
||||
return TRUE.equals(exchange.getAttribute(ENABLED_ATTR_NAME));
|
||||
return Boolean.TRUE.equals(exchange.getAttribute(ENABLED_ATTR_NAME));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
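Review bot: The default token in `jwt(Consumer<Jwt.Builder>)` is built with `header("alg", "none")` plus fixed `sub` and `scope` claims, and the visible tail of the Javadoc does not mention this; the same builder line appears in `SecurityMockMvcRequestPostProcessors.jwt(...)`. I would add a comment above the builder call in both places, e.g. `// Mock token: "alg":"none" is a placeholder header; this Jwt is never signature-checked here`. That tells readers that tests relying on this mutator do not cover signature or algorithm validation. That validation presumably sits in the JwtDecoder path this utility bypasses, which is not visible in this hunk and is worth confirming. The Javadoc starts and the method's closing brace falls outside the hunk.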
+7
-9
@@ -79,6 +79,7 @@ import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
|
||||
import org.springframework.security.oauth2.jwt.Jwt;
|
||||
import org.springframework.security.oauth2.jwt.JwtClaimNames;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
|
||||
@@ -105,9 +106,6 @@ import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter;
|
||||
|
||||
import static java.lang.Boolean.TRUE;
|
||||
import static org.springframework.security.oauth2.jwt.JwtClaimNames.SUB;
|
||||
|
||||
/**
|
||||
* Contains {@link MockMvc} {@link RequestPostProcessor} implementations for Spring
|
||||
* Security.
|
||||
@@ -570,11 +568,11 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
}
|
||||
|
||||
public static void enable(HttpServletRequest request) {
|
||||
request.setAttribute(ENABLED_ATTR_NAME, TRUE);
|
||||
request.setAttribute(ENABLED_ATTR_NAME, Boolean.TRUE);
|
||||
}
|
||||
|
||||
public boolean isEnabled(HttpServletRequest request) {
|
||||
return TRUE.equals(request.getAttribute(ENABLED_ATTR_NAME));
|
||||
return Boolean.TRUE.equals(request.getAttribute(ENABLED_ATTR_NAME));
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1071,8 +1069,8 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
* @return the {@link JwtRequestPostProcessor} for additional customization
|
||||
*/
|
||||
public JwtRequestPostProcessor jwt(Consumer<Jwt.Builder> jwtBuilderConsumer) {
|
||||
Jwt.Builder jwtBuilder = Jwt.withTokenValue("token").header("alg", "none").claim(SUB, "user").claim("scope",
|
||||
"read");
|
||||
Jwt.Builder jwtBuilder = Jwt.withTokenValue("token").header("alg", "none").claim(JwtClaimNames.SUB, "user")
|
||||
.claim("scope", "read");
|
||||
jwtBuilderConsumer.accept(jwtBuilder);
|
||||
this.jwt = jwtBuilder.build();
|
||||
return this;
|
||||
@@ -1661,11 +1659,11 @@ public final class SecurityMockMvcRequestPostProcessors {
|
||||
}
|
||||
|
||||
public static void enable(HttpServletRequest request) {
|
||||
request.setAttribute(ENABLED_ATTR_NAME, TRUE);
|
||||
request.setAttribute(ENABLED_ATTR_NAME, Boolean.TRUE);
|
||||
}
|
||||
|
||||
public boolean isEnabled(HttpServletRequest request) {
|
||||
return TRUE.equals(request.getAttribute(ENABLED_ATTR_NAME));
|
||||
return Boolean.TRUE.equals(request.getAttribute(ENABLED_ATTR_NAME));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+16
-14
@@ -28,13 +28,11 @@ import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.test.web.support.WebTestUtils;
|
||||
import org.springframework.security.web.context.HttpRequestResponseHolder;
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
import org.springframework.test.util.AssertionErrors;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
import org.springframework.test.web.servlet.ResultMatcher;
|
||||
|
||||
import static org.springframework.test.util.AssertionErrors.assertEquals;
|
||||
import static org.springframework.test.util.AssertionErrors.assertTrue;
|
||||
|
||||
/**
|
||||
* Security related {@link MockMvc} {@link ResultMatcher}s.
|
||||
*
|
||||
@@ -97,42 +95,46 @@ public final class SecurityMockMvcResultMatchers {
|
||||
|
||||
Authentication auth = context.getAuthentication();
|
||||
|
||||
assertTrue("Authentication should not be null", auth != null);
|
||||
AssertionErrors.assertTrue("Authentication should not be null", auth != null);
|
||||
|
||||
if (this.assertAuthentication != null) {
|
||||
this.assertAuthentication.accept(auth);
|
||||
}
|
||||
|
||||
if (this.expectedContext != null) {
|
||||
assertEquals(this.expectedContext + " does not equal " + context, this.expectedContext, context);
|
||||
AssertionErrors.assertEquals(this.expectedContext + " does not equal " + context, this.expectedContext,
|
||||
context);
|
||||
}
|
||||
|
||||
if (this.expectedAuthentication != null) {
|
||||
assertEquals(this.expectedAuthentication + " does not equal " + context.getAuthentication(),
|
||||
AssertionErrors.assertEquals(
|
||||
this.expectedAuthentication + " does not equal " + context.getAuthentication(),
|
||||
this.expectedAuthentication, context.getAuthentication());
|
||||
}
|
||||
|
||||
if (this.expectedAuthenticationPrincipal != null) {
|
||||
assertTrue("Authentication cannot be null", context.getAuthentication() != null);
|
||||
assertEquals(
|
||||
AssertionErrors.assertTrue("Authentication cannot be null", context.getAuthentication() != null);
|
||||
AssertionErrors.assertEquals(
|
||||
this.expectedAuthenticationPrincipal + " does not equal "
|
||||
+ context.getAuthentication().getPrincipal(),
|
||||
this.expectedAuthenticationPrincipal, context.getAuthentication().getPrincipal());
|
||||
}
|
||||
|
||||
if (this.expectedAuthenticationName != null) {
|
||||
assertTrue("Authentication cannot be null", auth != null);
|
||||
AssertionErrors.assertTrue("Authentication cannot be null", auth != null);
|
||||
String name = auth.getName();
|
||||
assertEquals(this.expectedAuthenticationName + " does not equal " + name,
|
||||
AssertionErrors.assertEquals(this.expectedAuthenticationName + " does not equal " + name,
|
||||
this.expectedAuthenticationName, name);
|
||||
}
|
||||
|
||||
if (this.expectedGrantedAuthorities != null) {
|
||||
assertTrue("Authentication cannot be null", auth != null);
|
||||
AssertionErrors.assertTrue("Authentication cannot be null", auth != null);
|
||||
Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
|
||||
assertTrue(authorities + " does not contain the same authorities as " + this.expectedGrantedAuthorities,
|
||||
AssertionErrors.assertTrue(
|
||||
authorities + " does not contain the same authorities as " + this.expectedGrantedAuthorities,
|
||||
authorities.containsAll(this.expectedGrantedAuthorities));
|
||||
assertTrue(this.expectedGrantedAuthorities + " does not contain the same authorities as " + authorities,
|
||||
AssertionErrors.assertTrue(
|
||||
this.expectedGrantedAuthorities + " does not contain the same authorities as " + authorities,
|
||||
this.expectedGrantedAuthorities.containsAll(authorities));
|
||||
}
|
||||
}
|
||||
@@ -240,7 +242,7 @@ public final class SecurityMockMvcResultMatchers {
|
||||
SecurityContext context = load(result);
|
||||
|
||||
Authentication authentication = context.getAuthentication();
|
||||
assertTrue("Expected anonymous Authentication got " + context,
|
||||
AssertionErrors.assertTrue("Expected anonymous Authentication got " + context,
|
||||
authentication == null || this.trustResolver.isAnonymous(authentication));
|
||||
}
|
||||
|
||||
|
||||
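Review bot: In the `@@ -97,42 +95,46 @@` hunk, the `AssertionErrors.assertTrue("Authentication cannot be null", ...)` calls inside the `expectedAuthenticationPrincipal`, `expectedAuthenticationName` and `expectedGrantedAuthorities` branches can never fail, because `auth != null` is already asserted right after `Authentication auth = context.getAuthentication();`. The `expectedAuthentication` and `expectedAuthenticationPrincipal` branches also call `context.getAuthentication()` again instead of using the `auth` local. Since these lines were rewrapped anyway, I would drop the repeated null checks and use `auth` throughout, e.g. `AssertionErrors.assertEquals(this.expectedAuthentication + " does not equal " + auth, this.expectedAuthentication, auth);`. This assumes `getAuthentication()` returns the same object on each call; the method's signature is outside the hunk.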
+31
-23
@@ -28,16 +28,14 @@ import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
|
||||
import org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
|
||||
import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionClaimNames;
|
||||
import org.springframework.security.web.reactive.result.method.annotation.CurrentSecurityContextArgumentResolver;
|
||||
import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals.active;
|
||||
import static org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionClaimNames.SUBJECT;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOpaqueToken;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
/**
|
||||
* @author Josh Cummings
|
||||
@@ -54,25 +52,27 @@ public class SecurityMockServerConfigurerOpaqueTokenTests extends AbstractMockSe
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.argumentResolvers(resolvers -> resolvers
|
||||
.addCustomResolver(new CurrentSecurityContextArgumentResolver(new ReactiveAdapterRegistry())))
|
||||
.apply(springSecurity()).configureClient()
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
@Test
|
||||
public void mockOpaqueTokenWhenUsingDefaultsThenBearerTokenAuthentication() {
|
||||
this.client.mutateWith(mockOpaqueToken()).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()).get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
|
||||
BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
|
||||
assertThat(token.getAuthorities()).isNotEmpty();
|
||||
assertThat(token.getToken()).isNotNull();
|
||||
assertThat(token.getTokenAttributes().get(SUBJECT)).isEqualTo("user");
|
||||
assertThat(token.getTokenAttributes().get(OAuth2IntrospectionClaimNames.SUBJECT)).isEqualTo("user");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void mockOpaqueTokenWhenAuthoritiesThenBearerTokenAuthentication() {
|
||||
this.client.mutateWith(mockOpaqueToken().authorities(this.authority1, this.authority2)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockOpaqueToken().authorities(this.authority1, this.authority2))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities()).containsOnly(this.authority1,
|
||||
@@ -82,19 +82,22 @@ public class SecurityMockServerConfigurerOpaqueTokenTests extends AbstractMockSe
|
||||
@Test
|
||||
public void mockOpaqueTokenWhenAttributesThenBearerTokenAuthentication() {
|
||||
String sub = new String("my-subject");
|
||||
this.client.mutateWith(mockOpaqueToken().attributes(attributes -> attributes.put(SUBJECT, sub))).get()
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
|
||||
.attributes(attributes -> attributes.put(OAuth2IntrospectionClaimNames.SUBJECT, sub)))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
|
||||
BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
|
||||
assertThat(token.getTokenAttributes().get(SUBJECT)).isSameAs(sub);
|
||||
assertThat(token.getTokenAttributes().get(OAuth2IntrospectionClaimNames.SUBJECT)).isSameAs(sub);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void mockOpaqueTokenWhenPrincipalThenBearerTokenAuthentication() {
|
||||
OAuth2AuthenticatedPrincipal principal = active();
|
||||
this.client.mutateWith(mockOpaqueToken().principal(principal)).get().exchange().expectStatus().isOk();
|
||||
OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken().principal(principal)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
|
||||
@@ -104,25 +107,30 @@ public class SecurityMockServerConfigurerOpaqueTokenTests extends AbstractMockSe
|
||||
|
||||
@Test
|
||||
public void mockOpaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence() {
|
||||
OAuth2AuthenticatedPrincipal principal = active(a -> a.put("scope", "user"));
|
||||
OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active(a -> a.put("scope", "user"));
|
||||
|
||||
this.client.mutateWith(mockOpaqueToken().attributes(a -> a.put(SUBJECT, "foo")).principal(principal)).get()
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken()
|
||||
.attributes(a -> a.put(OAuth2IntrospectionClaimNames.SUBJECT, "foo")).principal(principal))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
|
||||
BearerTokenAuthentication token = (BearerTokenAuthentication) context.getAuthentication();
|
||||
assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal()).getAttribute(SUBJECT))
|
||||
.isEqualTo(principal.getAttribute(SUBJECT));
|
||||
assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal())
|
||||
.getAttribute(OAuth2IntrospectionClaimNames.SUBJECT))
|
||||
.isEqualTo(principal.getAttribute(OAuth2IntrospectionClaimNames.SUBJECT));
|
||||
|
||||
this.client.mutateWith(mockOpaqueToken().principal(principal).attributes(a -> a.put(SUBJECT, "bar"))).get()
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOpaqueToken().principal(principal)
|
||||
.attributes(a -> a.put(OAuth2IntrospectionClaimNames.SUBJECT, "bar")))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(BearerTokenAuthentication.class);
|
||||
token = (BearerTokenAuthentication) context.getAuthentication();
|
||||
assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal()).getAttribute(SUBJECT))
|
||||
.isEqualTo("bar");
|
||||
assertThat((String) ((OAuth2AuthenticatedPrincipal) token.getPrincipal())
|
||||
.getAttribute(OAuth2IntrospectionClaimNames.SUBJECT)).isEqualTo("bar");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+12
-10
@@ -32,9 +32,6 @@ import org.springframework.security.web.server.context.SecurityContextServerWebE
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockAuthentication;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 5.0
|
||||
@@ -44,7 +41,8 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock
|
||||
public class SecurityMockServerConfigurersAnnotatedTests extends AbstractMockServerConfigurersTests {
|
||||
|
||||
WebTestClient client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
@Test
|
||||
@@ -62,8 +60,9 @@ public class SecurityMockServerConfigurersAnnotatedTests extends AbstractMockSer
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity())
|
||||
.apply(mockAuthentication(authentication)).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity())
|
||||
.apply(SecurityMockServerConfigurers.mockAuthentication(authentication)).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
this.client.get().exchange().expectStatus().isOk();
|
||||
@@ -76,7 +75,8 @@ public class SecurityMockServerConfigurersAnnotatedTests extends AbstractMockSer
|
||||
public void withMockUserWhenMutateWithMockPrincipalThenOverridesAnnotation() {
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
this.client.mutateWith(mockAuthentication(authentication)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockAuthentication(authentication)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
this.controller.assertPrincipalIsEqualTo(authentication);
|
||||
}
|
||||
@@ -86,7 +86,8 @@ public class SecurityMockServerConfigurersAnnotatedTests extends AbstractMockSer
|
||||
public void withMockUserWhenMutateWithMockPrincipalAndNoMutateThenOverridesAnnotationAndUsesAnnotation() {
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
this.client.mutateWith(mockAuthentication(authentication)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockAuthentication(authentication)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
this.controller.assertPrincipalIsEqualTo(authentication);
|
||||
|
||||
@@ -110,8 +111,9 @@ public class SecurityMockServerConfigurersAnnotatedTests extends AbstractMockSer
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
|
||||
ForkJoinPool.commonPool().submit(
|
||||
() -> this.client.mutateWith(mockAuthentication(authentication)).get().exchange().expectStatus().isOk())
|
||||
ForkJoinPool.commonPool()
|
||||
.submit(() -> this.client.mutateWith(SecurityMockServerConfigurers.mockAuthentication(authentication))
|
||||
.get().exchange().expectStatus().isOk())
|
||||
.join();
|
||||
|
||||
this.controller.assertPrincipalIsEqualTo(authentication);
|
||||
|
||||
+5
-5
@@ -32,8 +32,6 @@ import org.springframework.test.context.junit4.SpringRunner;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -45,7 +43,8 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock
|
||||
public class SecurityMockServerConfigurersClassAnnotatedTests extends AbstractMockServerConfigurersTests {
|
||||
|
||||
WebTestClient client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
@Test
|
||||
@@ -69,8 +68,9 @@ public class SecurityMockServerConfigurersClassAnnotatedTests extends AbstractMo
|
||||
|
||||
@Test
|
||||
public void withMockUserWhenMutateWithThenMustateWithOverrides() {
|
||||
this.client.mutateWith(mockUser("mutateWith-mockUser")).get().exchange().expectStatus().isOk()
|
||||
.expectBody(String.class).consumeWith(response -> assertThat(response.getResponseBody())
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockUser("mutateWith-mockUser")).get().exchange()
|
||||
.expectStatus().isOk().expectBody(String.class)
|
||||
.consumeWith(response -> assertThat(response.getResponseBody())
|
||||
.contains("\"username\":\"mutateWith-mockUser\""));
|
||||
|
||||
Principal principal = this.controller.removePrincipal();
|
||||
|
||||
+18
-12
@@ -37,8 +37,6 @@ import org.springframework.security.web.server.context.SecurityContextServerWebE
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockJwt;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
/**
|
||||
* @author Jérôme Wacongne <ch4mp@c4-soft.com>
|
||||
@@ -58,12 +56,12 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.argumentResolvers(resolvers -> resolvers
|
||||
.addCustomResolver(new CurrentSecurityContextArgumentResolver(new ReactiveAdapterRegistry())))
|
||||
.apply(springSecurity()).configureClient()
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
@Test
|
||||
public void mockJwtWhenUsingDefaultsTheCreatesJwtAuthentication() {
|
||||
this.client.mutateWith(mockJwt()).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockJwt()).get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(JwtAuthenticationToken.class);
|
||||
@@ -77,7 +75,8 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
@Test
|
||||
public void mockJwtWhenProvidingBuilderConsumerThenProducesJwtAuthentication() {
|
||||
String name = new String("user");
|
||||
this.client.mutateWith(mockJwt().jwt(jwt -> jwt.subject(name))).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockJwt().jwt(jwt -> jwt.subject(name))).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(JwtAuthenticationToken.class);
|
||||
@@ -87,8 +86,9 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
|
||||
@Test
|
||||
public void mockJwtWhenProvidingCustomAuthoritiesThenProducesJwtAuthentication() {
|
||||
this.client.mutateWith(mockJwt().jwt(jwt -> jwt.claim("scope", "ignored authorities"))
|
||||
.authorities(this.authority1, this.authority2)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockJwt()
|
||||
.jwt(jwt -> jwt.claim("scope", "ignored authorities")).authorities(this.authority1, this.authority2))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities()).containsOnly(this.authority1,
|
||||
@@ -97,8 +97,10 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
|
||||
@Test
|
||||
public void mockJwtWhenProvidingScopedAuthoritiesThenProducesJwtAuthentication() {
|
||||
this.client.mutateWith(mockJwt().jwt(jwt -> jwt.claim("scope", "scoped authorities"))).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockJwt().jwt(jwt -> jwt.claim("scope", "scoped authorities")))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities()).containsOnly(
|
||||
@@ -107,8 +109,11 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
|
||||
@Test
|
||||
public void mockJwtWhenProvidingGrantedAuthoritiesThenProducesJwtAuthentication() {
|
||||
this.client.mutateWith(mockJwt().jwt(jwt -> jwt.claim("scope", "ignored authorities"))
|
||||
.authorities(jwt -> Arrays.asList(this.authority1))).get().exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockJwt().jwt(jwt -> jwt.claim("scope", "ignored authorities"))
|
||||
.authorities(jwt -> Arrays.asList(this.authority1)))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat((List<GrantedAuthority>) context.getAuthentication().getAuthorities()).containsOnly(this.authority1);
|
||||
@@ -117,7 +122,8 @@ public class SecurityMockServerConfigurersJwtTests extends AbstractMockServerCon
|
||||
@Test
|
||||
public void mockJwtWhenProvidingPreparedJwtThenProducesJwtAuthentication() {
|
||||
Jwt originalToken = TestJwts.jwt().header("header1", "value1").subject("some_user").build();
|
||||
this.client.mutateWith(mockJwt().jwt(originalToken)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockJwt().jwt(originalToken)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
SecurityContext context = this.securityContextController.removeSecurityContext();
|
||||
assertThat(context.getAuthentication()).isInstanceOf(JwtAuthenticationToken.class);
|
||||
|
||||
+27
-21
@@ -30,9 +30,11 @@ import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
|
||||
import org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver;
|
||||
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
|
||||
import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
@@ -47,10 +49,6 @@ import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.springframework.security.oauth2.client.registration.TestClientRegistrations.clientRegistration;
|
||||
import static org.springframework.security.oauth2.core.TestOAuth2AccessTokens.noScopes;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOAuth2Client;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMockServerConfigurersTests {
|
||||
@@ -70,7 +68,8 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.argumentResolvers(c -> c.addCustomResolver(new OAuth2AuthorizedClientArgumentResolver(
|
||||
this.clientRegistrationRepository, this.authorizedClientRepository)))
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
}
|
||||
|
||||
@@ -78,15 +77,15 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
public void oauth2ClientWhenUsingDefaultsThenException() throws Exception {
|
||||
|
||||
WebHttpHandlerBuilder builder = WebHttpHandlerBuilder.webHandler(new DispatcherHandler());
|
||||
assertThatCode(() -> mockOAuth2Client().beforeServerCreated(builder))
|
||||
assertThatCode(() -> SecurityMockServerConfigurers.mockOAuth2Client().beforeServerCreated(builder))
|
||||
.isInstanceOf(IllegalArgumentException.class).hasMessageContaining("ClientRegistration");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oauth2ClientWhenUsingRegistrationIdThenProducesAuthorizedClient() throws Exception {
|
||||
|
||||
this.client.mutateWith(mockOAuth2Client("registration-id")).get().uri("/client").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Client("registration-id")).get().uri("/client")
|
||||
.exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
@@ -98,10 +97,10 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
@Test
|
||||
public void oauth2ClientWhenClientRegistrationThenUses() throws Exception {
|
||||
|
||||
ClientRegistration clientRegistration = clientRegistration().registrationId("registration-id")
|
||||
.clientId("client-id").build();
|
||||
this.client.mutateWith(mockOAuth2Client().clientRegistration(clientRegistration)).get().uri("/client")
|
||||
.exchange().expectStatus().isOk();
|
||||
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration()
|
||||
.registrationId("registration-id").clientId("client-id").build();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Client().clientRegistration(clientRegistration))
|
||||
.get().uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
@@ -113,7 +112,9 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
@Test
|
||||
public void oauth2ClientWhenClientRegistrationConsumerThenUses() throws Exception {
|
||||
|
||||
this.client.mutateWith(mockOAuth2Client("registration-id").clientRegistration(c -> c.clientId("client-id")))
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOAuth2Client("registration-id")
|
||||
.clientRegistration(c -> c.clientId("client-id")))
|
||||
.get().uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
@@ -126,16 +127,20 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
|
||||
@Test
|
||||
public void oauth2ClientWhenPrincipalNameThenUses() throws Exception {
|
||||
this.client.mutateWith(mockOAuth2Client("registration-id").principalName("test-subject")).get().uri("/client")
|
||||
.exchange().expectStatus().isOk().expectBody(String.class).isEqualTo("test-subject");
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockOAuth2Client("registration-id").principalName("test-subject"))
|
||||
.get().uri("/client").exchange().expectStatus().isOk().expectBody(String.class)
|
||||
.isEqualTo("test-subject");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oauth2ClientWhenAccessTokenThenUses() throws Exception {
|
||||
|
||||
OAuth2AccessToken accessToken = noScopes();
|
||||
this.client.mutateWith(mockOAuth2Client("registration-id").accessToken(accessToken)).get().uri("/client")
|
||||
.exchange().expectStatus().isOk();
|
||||
OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOAuth2Client("registration-id").accessToken(accessToken))
|
||||
.get().uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
@@ -146,14 +151,15 @@ public class SecurityMockServerConfigurersOAuth2ClientTests extends AbstractMock
|
||||
|
||||
@Test
|
||||
public void oauth2ClientWhenUsedOnceThenDoesNotAffectRemainingTests() throws Exception {
|
||||
this.client.mutateWith(mockOAuth2Client("registration-id")).get().uri("/client").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Client("registration-id")).get().uri("/client")
|
||||
.exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
assertThat(client.getClientRegistration().getClientId()).isEqualTo("test-client");
|
||||
|
||||
client = new OAuth2AuthorizedClient(clientRegistration().build(), "sub", noScopes());
|
||||
client = new OAuth2AuthorizedClient(TestClientRegistrations.clientRegistration().build(), "sub",
|
||||
TestOAuth2AccessTokens.noScopes());
|
||||
given(this.authorizedClientRepository.loadAuthorizedClient(eq("registration-id"), any(Authentication.class),
|
||||
any(ServerWebExchange.class))).willReturn(Mono.just(client));
|
||||
this.client.get().uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
+22
-17
@@ -44,8 +44,6 @@ import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOAuth2Login;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockServerConfigurersTests {
|
||||
@@ -65,13 +63,15 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.argumentResolvers(c -> c.addCustomResolver(new OAuth2AuthorizedClientArgumentResolver(
|
||||
this.clientRegistrationRepository, this.authorizedClientRepository)))
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oauth2LoginWhenUsingDefaultsThenProducesDefaultAuthentication() {
|
||||
this.client.mutateWith(mockOAuth2Login()).get().uri("/token").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login()).get().uri("/token").exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token).isNotNull();
|
||||
@@ -84,7 +84,8 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
|
||||
@Test
|
||||
public void oauth2LoginWhenUsingDefaultsThenProducesDefaultAuthorizedClient() {
|
||||
this.client.mutateWith(mockOAuth2Login()).get().uri("/client").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login()).get().uri("/client").exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
@@ -95,8 +96,10 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
|
||||
@Test
|
||||
public void oauth2LoginWhenAuthoritiesSpecifiedThenGrantsAccess() {
|
||||
this.client.mutateWith(mockOAuth2Login().authorities(new SimpleGrantedAuthority("SCOPE_admin"))).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login()
|
||||
.authorities(new SimpleGrantedAuthority("SCOPE_admin")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat((Collection<GrantedAuthority>) token.getPrincipal().getAuthorities())
|
||||
@@ -105,8 +108,10 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
|
||||
@Test
|
||||
public void oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute() {
|
||||
this.client.mutateWith(mockOAuth2Login().attributes(a -> a.put("iss", "https://idp.example.org"))).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login()
|
||||
.attributes(a -> a.put("iss", "https://idp.example.org")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("iss", "https://idp.example.org");
|
||||
@@ -117,14 +122,14 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
|
||||
Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().oauth2User(oauth2User)).get().uri("/token").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getName()).isEqualTo("test-subject");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().oauth2User(oauth2User)).get().uri("/client").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)).get()
|
||||
.uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client.getPrincipalName()).isEqualTo("test-subject");
|
||||
@@ -135,14 +140,14 @@ public class SecurityMockServerConfigurersOAuth2LoginTests extends AbstractMockS
|
||||
OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("SCOPE_read"),
|
||||
Collections.singletonMap("sub", "subject"), "sub");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().attributes(a -> a.put("subject", "foo")).oauth2User(oauth2User)).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().attributes(a -> a.put("subject", "foo"))
|
||||
.oauth2User(oauth2User)).get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "subject");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().oauth2User(oauth2User).attributes(a -> a.put("sub", "bar"))).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)
|
||||
.attributes(a -> a.put("sub", "bar"))).get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "bar");
|
||||
|
||||
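Review bot: In the last hunk of this file the first request sets `a.put("subject", "foo")`, but the assertion that follows checks the `sub` key, so it never looks at the attribute that `oauth2User(oauth2User)` was meant to override. The second half of the same test uses the matching key (`a.put("sub", "bar")`). Unless the different key is intentional, `.attributes(a -> a.put("sub", "foo"))` would let the first assertion show directly that the later `oauth2User(...)` call wins. The test method starts above the hunk, so its name and annotations are not visible here.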
+31
-22
@@ -36,6 +36,7 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
|
||||
import org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver;
|
||||
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
|
||||
import org.springframework.security.oauth2.core.oidc.TestOidcIdTokens;
|
||||
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
||||
import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter;
|
||||
@@ -44,10 +45,6 @@ import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.oauth2.core.oidc.TestOidcIdTokens.idToken;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOAuth2Login;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOidcLogin;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockServerConfigurersTests {
|
||||
@@ -67,13 +64,15 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.argumentResolvers(c -> c.addCustomResolver(new OAuth2AuthorizedClientArgumentResolver(
|
||||
this.clientRegistrationRepository, this.authorizedClientRepository)))
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthentication() {
|
||||
this.client.mutateWith(mockOidcLogin()).get().uri("/token").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin()).get().uri("/token").exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token).isNotNull();
|
||||
@@ -87,7 +86,8 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
|
||||
@Test
|
||||
public void oidcLoginWhenUsingDefaultsThenProducesDefaultAuthorizedClient() {
|
||||
this.client.mutateWith(mockOidcLogin()).get().uri("/client").exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin()).get().uri("/client").exchange()
|
||||
.expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client).isNotNull();
|
||||
@@ -98,8 +98,10 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
|
||||
@Test
|
||||
public void oidcLoginWhenAuthoritiesSpecifiedThenGrantsAccess() {
|
||||
this.client.mutateWith(mockOidcLogin().authorities(new SimpleGrantedAuthority("SCOPE_admin"))).get()
|
||||
.uri("/token").exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockOidcLogin()
|
||||
.authorities(new SimpleGrantedAuthority("SCOPE_admin")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat((Collection<GrantedAuthority>) token.getPrincipal().getAuthorities())
|
||||
@@ -108,8 +110,10 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
|
||||
@Test
|
||||
public void oidcLoginWhenIdTokenSpecifiedThenUserHasClaims() {
|
||||
this.client.mutateWith(mockOidcLogin().idToken(i -> i.issuer("https://idp.example.org"))).get().uri("/token")
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockOidcLogin().idToken(i -> i.issuer("https://idp.example.org")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("iss", "https://idp.example.org");
|
||||
@@ -117,8 +121,8 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
|
||||
@Test
|
||||
public void oidcLoginWhenUserInfoSpecifiedThenUserHasClaims() throws Exception {
|
||||
this.client.mutateWith(mockOidcLogin().userInfoToken(u -> u.email("email@email"))).get().uri("/token")
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOidcLogin().userInfoToken(u -> u.email("email@email")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("email", "email@email");
|
||||
@@ -130,14 +134,14 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
OidcIdToken.withTokenValue("id-token").claim("custom-attribute", "test-subject").build(),
|
||||
"custom-attribute");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().oauth2User(oidcUser)).get().uri("/token").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oidcUser)).get().uri("/token")
|
||||
.exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getName()).isEqualTo("test-subject");
|
||||
|
||||
this.client.mutateWith(mockOAuth2Login().oauth2User(oidcUser)).get().uri("/client").exchange().expectStatus()
|
||||
.isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oidcUser)).get()
|
||||
.uri("/client").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthorizedClient client = this.controller.authorizedClient;
|
||||
assertThat(client.getPrincipalName()).isEqualTo("test-subject");
|
||||
@@ -146,16 +150,21 @@ public class SecurityMockServerConfigurersOidcLoginTests extends AbstractMockSer
|
||||
// gh-7794
|
||||
@Test
|
||||
public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
|
||||
OidcUser oidcUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("SCOPE_read"), idToken().build());
|
||||
OidcUser oidcUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("SCOPE_read"),
|
||||
TestOidcIdTokens.idToken().build());
|
||||
|
||||
this.client.mutateWith(mockOidcLogin().idToken(i -> i.subject("foo")).oidcUser(oidcUser)).get().uri("/token")
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockOidcLogin().idToken(i -> i.subject("foo")).oidcUser(oidcUser))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
OAuth2AuthenticationToken token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "subject");
|
||||
|
||||
this.client.mutateWith(mockOidcLogin().oidcUser(oidcUser).idToken(i -> i.subject("bar"))).get().uri("/token")
|
||||
.exchange().expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(
|
||||
SecurityMockServerConfigurers.mockOidcLogin().oidcUser(oidcUser).idToken(i -> i.subject("bar")))
|
||||
.get().uri("/token").exchange().expectStatus().isOk();
|
||||
|
||||
token = this.controller.token;
|
||||
assertThat(token.getPrincipal().getAttributes()).containsEntry("sub", "bar");
|
||||
|
||||
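Review bot: In the hunk at old line 130, both requests still go through `SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oidcUser)` although this is the OIDC test class. The OIDC mutator's handling of a custom name attribute is therefore not exercised by this test. If that is a copy-over from the OAuth2 login tests rather than a deliberate check that the OAuth2 mutator accepts an `OidcUser`, the calls should read `SecurityMockServerConfigurers.mockOidcLogin().oidcUser(oidcUser)`, as the gh-7794 test below already does. The test method begins above the hunk, so its intent can only be inferred from the assertions on `test-subject`.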
+21
-17
@@ -31,10 +31,6 @@ import org.springframework.security.web.server.csrf.CsrfWebFilter;
|
||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.csrf;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockAuthentication;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockUser;
|
||||
import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
@@ -43,14 +39,16 @@ import static org.springframework.security.test.web.reactive.server.SecurityMock
|
||||
public class SecurityMockServerConfigurersTests extends AbstractMockServerConfigurersTests {
|
||||
|
||||
WebTestClient client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new CsrfWebFilter(), new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity())
|
||||
.configureClient().defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
.webFilter(new CsrfWebFilter(), new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
|
||||
@Test
|
||||
public void mockAuthenticationWhenLocalThenSuccess() {
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
this.client.mutateWith(mockAuthentication(authentication)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockAuthentication(authentication)).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
this.controller.assertPrincipalIsEqualTo(authentication);
|
||||
}
|
||||
|
||||
@@ -59,8 +57,9 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
TestingAuthenticationToken authentication = new TestingAuthenticationToken("authentication", "secret",
|
||||
"ROLE_USER");
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity())
|
||||
.apply(mockAuthentication(authentication)).configureClient()
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity())
|
||||
.apply(SecurityMockServerConfigurers.mockAuthentication(authentication)).configureClient()
|
||||
.defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
this.client.get().exchange().expectStatus().isOk();
|
||||
this.controller.assertPrincipalIsEqualTo(authentication);
|
||||
@@ -68,7 +67,7 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
|
||||
@Test
|
||||
public void mockUserWhenDefaultsThenSuccess() {
|
||||
this.client.mutateWith(mockUser()).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockUser()).get().exchange().expectStatus().isOk();
|
||||
|
||||
Principal actual = this.controller.removePrincipal();
|
||||
|
||||
@@ -78,7 +77,8 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
@Test
|
||||
public void mockUserWhenGlobalThenSuccess() {
|
||||
this.client = WebTestClient.bindToController(this.controller)
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter()).apply(springSecurity()).apply(mockUser())
|
||||
.webFilter(new SecurityContextServerWebExchangeWebFilter())
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).apply(SecurityMockServerConfigurers.mockUser())
|
||||
.configureClient().defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE).build();
|
||||
this.client.get().exchange().expectStatus().isOk();
|
||||
|
||||
@@ -89,7 +89,8 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
|
||||
@Test
|
||||
public void mockUserStringWhenLocalThenSuccess() {
|
||||
this.client.mutateWith(mockUser(this.userBuilder.build().getUsername())).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockUser(this.userBuilder.build().getUsername())).get()
|
||||
.exchange().expectStatus().isOk();
|
||||
|
||||
Principal actual = this.controller.removePrincipal();
|
||||
|
||||
@@ -99,8 +100,9 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
@Test
|
||||
public void mockUserStringWhenCustomThenSuccess() {
|
||||
this.userBuilder = User.withUsername("admin").password("secret").roles("USER", "ADMIN");
|
||||
this.client.mutateWith(mockUser("admin").password("secret").roles("USER", "ADMIN")).get().exchange()
|
||||
.expectStatus().isOk();
|
||||
this.client
|
||||
.mutateWith(SecurityMockServerConfigurers.mockUser("admin").password("secret").roles("USER", "ADMIN"))
|
||||
.get().exchange().expectStatus().isOk();
|
||||
|
||||
Principal actual = this.controller.removePrincipal();
|
||||
|
||||
@@ -110,7 +112,8 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
@Test
|
||||
public void mockUserUserDetailsLocalThenSuccess() {
|
||||
UserDetails userDetails = this.userBuilder.build();
|
||||
this.client.mutateWith(mockUser(userDetails)).get().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.mockUser(userDetails)).get().exchange().expectStatus()
|
||||
.isOk();
|
||||
|
||||
Principal actual = this.controller.removePrincipal();
|
||||
|
||||
@@ -122,14 +125,15 @@ public class SecurityMockServerConfigurersTests extends AbstractMockServerConfig
|
||||
this.client.post().exchange().expectStatus().isEqualTo(HttpStatus.FORBIDDEN).expectBody()
|
||||
.consumeWith(b -> assertThat(new String(b.getResponseBody())).contains("CSRF"));
|
||||
|
||||
this.client.mutateWith(csrf()).post().exchange().expectStatus().isOk();
|
||||
this.client.mutateWith(SecurityMockServerConfigurers.csrf()).post().exchange().expectStatus().isOk();
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void csrfWhenGlobalThenDisablesCsrf() {
|
||||
this.client = WebTestClient.bindToController(this.controller).webFilter(new CsrfWebFilter())
|
||||
.apply(springSecurity()).apply(csrf()).configureClient().build();
|
||||
.apply(SecurityMockServerConfigurers.springSecurity()).apply(SecurityMockServerConfigurers.csrf())
|
||||
.configureClient().build();
|
||||
|
||||
this.client.get().exchange().expectStatus().isOk();
|
||||
|
||||
|
||||
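Review bot: `csrfWhenGlobalThenDisablesCsrf` finishes with `this.client.get().exchange().expectStatus().isOk();`, and as far as I know `CsrfWebFilter` does not require a token for safe methods such as GET, so this assertion likely passes whether or not the globally applied `csrf()` configurer has any effect. The local-mutator test in the same hunk proves its point with `post()`, which is FORBIDDEN without the mutator and OK with it. Changing the last call to `this.client.post().exchange().expectStatus().isOk();` would make the global case an equally real check of the CSRF path. The method's closing brace lies outside the hunk.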
+2
-2
@@ -34,9 +34,9 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
|
||||
|
||||
public class SecurityMockMvcRequestBuildersFormLoginTests {
|
||||
@@ -100,7 +100,7 @@ public class SecurityMockMvcRequestBuildersFormLoginTests {
|
||||
@Test
|
||||
public void postProcessorsAreMergedDuringMockMvcPerform() throws Exception {
|
||||
RequestPostProcessor postProcessor = mock(RequestPostProcessor.class);
|
||||
when(postProcessor.postProcessRequest(any())).thenAnswer(i -> i.getArgument(0));
|
||||
given(postProcessor.postProcessRequest(any())).willAnswer(i -> i.getArgument(0));
|
||||
MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Object())
|
||||
.defaultRequest(MockMvcRequestBuilders.get("/").with(postProcessor)).build();
|
||||
|
||||
|
||||
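Review bot: The stubbing line in `postProcessorsAreMergedDuringMockMvcPerform` is not the mechanical qualification the commit message describes: it replaces the statically imported `PowerMockito.when(...).thenAnswer(...)` with `given(...).willAnswer(...)` and adds a new static import of `BDDMockito.given`. For a plain `mock(RequestPostProcessor.class)` the two should behave the same, and dropping PowerMockito here looks reasonable. The commit message could say so, for example `Use BDDMockito.given instead of PowerMockito.when for plain Mockito mocks`. The same substitution appears in SecurityMockMvcRequestBuildersFormLogoutTests.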
+2
-2
@@ -34,9 +34,9 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.logout;
|
||||
|
||||
public class SecurityMockMvcRequestBuildersFormLogoutTests {
|
||||
@@ -93,7 +93,7 @@ public class SecurityMockMvcRequestBuildersFormLogoutTests {
|
||||
@Test
|
||||
public void postProcessorsAreMergedDuringMockMvcPerform() throws Exception {
|
||||
RequestPostProcessor postProcessor = mock(RequestPostProcessor.class);
|
||||
when(postProcessor.postProcessRequest(any())).thenAnswer(i -> i.getArgument(0));
|
||||
given(postProcessor.postProcessRequest(any())).willAnswer(i -> i.getArgument(0));
|
||||
MockMvc mockMvc = MockMvcBuilders.standaloneSetup(new Object())
|
||||
.defaultRequest(MockMvcRequestBuilders.get("/").with(postProcessor)).build();
|
||||
|
||||
|
||||
+3
-4
@@ -24,6 +24,7 @@ import org.junit.runner.RunWith;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
import org.powermock.api.mockito.PowerMockito;
|
||||
import org.powermock.core.classloader.annotations.PowerMockIgnore;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
@@ -39,8 +40,6 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
|
||||
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@@ -82,8 +81,8 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationTests {
|
||||
}
|
||||
|
||||
private void mockWebTestUtils() {
|
||||
spy(WebTestUtils.class);
|
||||
when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
PowerMockito.spy(WebTestUtils.class);
|
||||
PowerMockito.when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+7
-6
@@ -33,8 +33,10 @@ import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
|
||||
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
|
||||
import org.springframework.security.test.context.TestSecurityContextHolder;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
@@ -52,8 +54,6 @@ import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.springframework.security.oauth2.client.registration.TestClientRegistrations.clientRegistration;
|
||||
import static org.springframework.security.oauth2.core.TestOAuth2AccessTokens.noScopes;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Client;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
@@ -109,8 +109,8 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests {
|
||||
@Test
|
||||
public void oauth2ClientWhenClientRegistrationThenUses() throws Exception {
|
||||
|
||||
ClientRegistration clientRegistration = clientRegistration().registrationId("registration-id")
|
||||
.clientId("client-id").build();
|
||||
ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration()
|
||||
.registrationId("registration-id").clientId("client-id").build();
|
||||
this.mvc.perform(get("/client-id").with(oauth2Client().clientRegistration(clientRegistration)))
|
||||
.andExpect(content().string("client-id"));
|
||||
}
|
||||
@@ -131,7 +131,7 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests {
|
||||
|
||||
@Test
|
||||
public void oauth2ClientWhenAccessTokenThenUses() throws Exception {
|
||||
OAuth2AccessToken accessToken = noScopes();
|
||||
OAuth2AccessToken accessToken = TestOAuth2AccessTokens.noScopes();
|
||||
this.mvc.perform(get("/access-token").with(oauth2Client("registration-id").accessToken(accessToken)))
|
||||
.andExpect(content().string("no-scopes"));
|
||||
}
|
||||
@@ -141,7 +141,8 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests {
|
||||
this.mvc.perform(get("/client-id").with(oauth2Client("registration-id")))
|
||||
.andExpect(content().string("test-client"));
|
||||
|
||||
OAuth2AuthorizedClient client = new OAuth2AuthorizedClient(clientRegistration().build(), "sub", noScopes());
|
||||
OAuth2AuthorizedClient client = new OAuth2AuthorizedClient(TestClientRegistrations.clientRegistration().build(),
|
||||
"sub", TestOAuth2AccessTokens.noScopes());
|
||||
OAuth2AuthorizedClientRepository repository = this.context.getBean(OAuth2AuthorizedClientRepository.class);
|
||||
given(repository.loadAuthorizedClient(eq("registration-id"), any(Authentication.class),
|
||||
any(HttpServletRequest.class))).willReturn(client);
|
||||
|
||||
+3
-2
@@ -37,6 +37,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
|
||||
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
@@ -52,7 +53,6 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.springframework.security.oauth2.client.registration.TestClientRegistrations.clientRegistration;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Login;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
@@ -128,7 +128,8 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests {
|
||||
|
||||
@Test
|
||||
public void oauth2LoginWhenClientRegistrationSpecifiedThenUses() throws Exception {
|
||||
this.mvc.perform(get("/client-id").with(oauth2Login().clientRegistration(clientRegistration().build())))
|
||||
this.mvc.perform(get("/client-id")
|
||||
.with(oauth2Login().clientRegistration(TestClientRegistrations.clientRegistration().build())))
|
||||
.andExpect(content().string("client-id"));
|
||||
}
|
||||
|
||||
|
||||
+3
-2
@@ -38,6 +38,7 @@ import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2Aut
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
|
||||
import org.springframework.security.oauth2.core.oidc.TestOidcIdTokens;
|
||||
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
|
||||
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
|
||||
import org.springframework.security.test.context.TestSecurityContextHolder;
|
||||
@@ -53,7 +54,6 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.springframework.security.oauth2.core.oidc.TestOidcIdTokens.idToken;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oidcLogin;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
@@ -140,7 +140,8 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
|
||||
// gh-7794
|
||||
@Test
|
||||
public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
|
||||
OidcUser oidcUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("SCOPE_read"), idToken().build());
|
||||
OidcUser oidcUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("SCOPE_read"),
|
||||
TestOidcIdTokens.idToken().build());
|
||||
|
||||
this.mvc.perform(get("/id-token/sub").with(oidcLogin().idToken(i -> i.subject("foo")).oidcUser(oidcUser)))
|
||||
.andExpect(status().isOk()).andExpect(content().string("subject"));
|
||||
|
||||
+5
-5
@@ -33,6 +33,7 @@ import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
|
||||
import org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals;
|
||||
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
@@ -45,9 +46,8 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.oauth2.core.TestOAuth2AuthenticatedPrincipals.active;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.opaqueToken;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
@@ -98,8 +98,8 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
|
||||
public void opaqueTokenWhenPrincipalSpecifiedThenAuthenticationHasPrincipal() throws Exception {
|
||||
Collection authorities = Collections.singleton(new SimpleGrantedAuthority("SCOPE_read"));
|
||||
OAuth2AuthenticatedPrincipal principal = mock(OAuth2AuthenticatedPrincipal.class);
|
||||
when(principal.getName()).thenReturn("ben");
|
||||
when(principal.getAuthorities()).thenReturn(authorities);
|
||||
given(principal.getName()).willReturn("ben");
|
||||
given(principal.getAuthorities()).willReturn(authorities);
|
||||
|
||||
this.mvc.perform(get("/name").with(opaqueToken().principal(principal))).andExpect(content().string("ben"));
|
||||
}
|
||||
@@ -107,7 +107,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
|
||||
// gh-7800
|
||||
@Test
|
||||
public void opaqueTokenWhenPrincipalSpecifiedThenLastCalledTakesPrecedence() throws Exception {
|
||||
OAuth2AuthenticatedPrincipal principal = active(a -> a.put("scope", "user"));
|
||||
OAuth2AuthenticatedPrincipal principal = TestOAuth2AuthenticatedPrincipals.active(a -> a.put("scope", "user"));
|
||||
|
||||
this.mvc.perform(
|
||||
get("/opaque-token/sub").with(opaqueToken().attributes(a -> a.put("sub", "foo")).principal(principal)))
|
||||
|
||||
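Review bot: The raw `Collection authorities` in `opaqueTokenWhenPrincipalSpecifiedThenAuthenticationHasPrincipal` is unexplained, and the rewritten stubbing line `given(principal.getAuthorities()).willReturn(authorities)` depends on it. The raw type is presumably there to get past the wildcard in the return type of `getAuthorities()`, so a short comment such as `// raw type on purpose: getAuthorities() returns a wildcard collection` would stop a later cleanup from breaking the stubbing. Going by the import hunk, this section also swaps `PowerMockito.when` for `BDDMockito.given` rather than only qualifying a call, which deserves a word in the commit description. The test method starts outside the hunk.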
+3
-4
@@ -24,6 +24,7 @@ import org.junit.runner.RunWith;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
import org.powermock.api.mockito.PowerMockito;
|
||||
import org.powermock.core.classloader.annotations.PowerMockIgnore;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
@@ -38,8 +39,6 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.securityContext;
|
||||
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@@ -81,8 +80,8 @@ public class SecurityMockMvcRequestPostProcessorsSecurityContextTests {
|
||||
}
|
||||
|
||||
private void mockWebTestUtils() {
|
||||
spy(WebTestUtils.class);
|
||||
when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
PowerMockito.spy(WebTestUtils.class);
|
||||
PowerMockito.when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
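Review bot: `mockWebTestUtils()` is the same two-line helper here as in the Authentication, TestSecurityContext, UserDetails and User test classes on this page, so the qualification had to be repeated in every copy. Consider moving it into one shared test-support method that takes the request and the repository, so the static stubbing of `WebTestUtils.getSecurityContextRepository` lives in a single place. A one-line comment on the helper, for example `// static spy: WebTestUtils is partially mocked so the request resolves to the mock repository`, would also tell readers why PowerMock is needed in these tests. The enclosing class body starts outside the hunk.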
+3
-4
@@ -22,6 +22,7 @@ import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.Mock;
|
||||
import org.powermock.api.mockito.PowerMockito;
|
||||
import org.powermock.core.classloader.annotations.PowerMockIgnore;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
@@ -36,8 +37,6 @@ import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.never;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.testSecurityContext;
|
||||
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@@ -84,8 +83,8 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextTests {
|
||||
}
|
||||
|
||||
private void mockWebTestUtils() {
|
||||
spy(WebTestUtils.class);
|
||||
when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
PowerMockito.spy(WebTestUtils.class);
|
||||
PowerMockito.when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+3
-4
@@ -24,6 +24,7 @@ import org.junit.runner.RunWith;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
import org.powermock.api.mockito.PowerMockito;
|
||||
import org.powermock.core.classloader.annotations.PowerMockIgnore;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
@@ -40,8 +41,6 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
|
||||
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@@ -84,8 +83,8 @@ public class SecurityMockMvcRequestPostProcessorsUserDetailsTests {
|
||||
}
|
||||
|
||||
private void mockWebTestUtils() {
|
||||
spy(WebTestUtils.class);
|
||||
when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
PowerMockito.spy(WebTestUtils.class);
|
||||
PowerMockito.when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+3
-4
@@ -27,6 +27,7 @@ import org.junit.runner.RunWith;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
import org.powermock.api.mockito.PowerMockito;
|
||||
import org.powermock.core.classloader.annotations.PowerMockIgnore;
|
||||
import org.powermock.core.classloader.annotations.PrepareOnlyThisForTest;
|
||||
import org.powermock.modules.junit4.PowerMockRunner;
|
||||
@@ -43,8 +44,6 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.powermock.api.mockito.PowerMockito.spy;
|
||||
import static org.powermock.api.mockito.PowerMockito.when;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
|
||||
|
||||
@RunWith(PowerMockRunner.class)
|
||||
@@ -141,8 +140,8 @@ public class SecurityMockMvcRequestPostProcessorsUserTests {
|
||||
}
|
||||
|
||||
private void mockWebTestUtils() {
|
||||
spy(WebTestUtils.class);
|
||||
when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
PowerMockito.spy(WebTestUtils.class);
|
||||
PowerMockito.when(WebTestUtils.getSecurityContextRepository(this.request)).thenReturn(this.repository);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+2
-2
@@ -28,7 +28,6 @@ import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders;
|
||||
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.FormLoginRequestBuilder;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
|
||||
@@ -38,6 +37,7 @@ import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin;
|
||||
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated;
|
||||
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.unauthenticated;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
@@ -72,7 +72,7 @@ public class CustomLoginRequestBuilderAuthenticationTests {
|
||||
}
|
||||
|
||||
static FormLoginRequestBuilder login() {
|
||||
return SecurityMockMvcRequestBuilders.formLogin("/authenticate").userParameter("user").passwordParam("pass");
|
||||
return formLogin("/authenticate").userParameter("user").passwordParam("pass");
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
|
||||
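Review bot: `login()` appears to move in the opposite direction from the commit description. Going by the hunk line counts, the `SecurityMockMvcRequestBuilders` import is dropped, a static import of `formLogin` is added, and the body becomes `return formLogin("/authenticate")...`. If that is intentional because `formLogin` is one of the permitted static imports, the description should say that permitted static imports are being normalised as well. Otherwise keep `SecurityMockMvcRequestBuilders.formLogin(...)` for consistency with the rest of the commit. The +/- markers are lost on this page, so the direction is inferred from the counts and the print order.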
+14
-10
@@ -42,8 +42,6 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.springframework.security.test.web.support.WebTestUtils.getCsrfTokenRepository;
|
||||
import static org.springframework.security.test.web.support.WebTestUtils.getSecurityContextRepository;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class WebTestUtilsTests {
|
||||
@@ -72,19 +70,22 @@ public class WebTestUtilsTests {
|
||||
|
||||
@Test
|
||||
public void getCsrfTokenRepositorytNoWac() {
|
||||
assertThat(getCsrfTokenRepository(this.request)).isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
assertThat(WebTestUtils.getCsrfTokenRepository(this.request))
|
||||
.isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getCsrfTokenRepositorytNoSecurity() {
|
||||
loadConfig(Config.class);
|
||||
assertThat(getCsrfTokenRepository(this.request)).isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
assertThat(WebTestUtils.getCsrfTokenRepository(this.request))
|
||||
.isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getCsrfTokenRepositorytSecurityNoCsrf() {
|
||||
loadConfig(SecurityNoCsrfConfig.class);
|
||||
assertThat(getCsrfTokenRepository(this.request)).isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
assertThat(WebTestUtils.getCsrfTokenRepository(this.request))
|
||||
.isInstanceOf(HttpSessionCsrfTokenRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -92,26 +93,29 @@ public class WebTestUtilsTests {
|
||||
CustomSecurityConfig.CONTEXT_REPO = this.contextRepo;
|
||||
CustomSecurityConfig.CSRF_REPO = this.csrfRepo;
|
||||
loadConfig(CustomSecurityConfig.class);
|
||||
assertThat(getCsrfTokenRepository(this.request)).isSameAs(this.csrfRepo);
|
||||
assertThat(WebTestUtils.getCsrfTokenRepository(this.request)).isSameAs(this.csrfRepo);
|
||||
}
|
||||
|
||||
// getSecurityContextRepository
|
||||
|
||||
@Test
|
||||
public void getSecurityContextRepositoryNoWac() {
|
||||
assertThat(getSecurityContextRepository(this.request)).isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request))
|
||||
.isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getSecurityContextRepositoryNoSecurity() {
|
||||
loadConfig(Config.class);
|
||||
assertThat(getSecurityContextRepository(this.request)).isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request))
|
||||
.isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getSecurityContextRepositorySecurityNoCsrf() {
|
||||
loadConfig(SecurityNoCsrfConfig.class);
|
||||
assertThat(getSecurityContextRepository(this.request)).isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request))
|
||||
.isInstanceOf(HttpSessionSecurityContextRepository.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -119,7 +123,7 @@ public class WebTestUtilsTests {
|
||||
CustomSecurityConfig.CONTEXT_REPO = this.contextRepo;
|
||||
CustomSecurityConfig.CSRF_REPO = this.csrfRepo;
|
||||
loadConfig(CustomSecurityConfig.class);
|
||||
assertThat(getSecurityContextRepository(this.request)).isSameAs(this.contextRepo);
|
||||
assertThat(WebTestUtils.getSecurityContextRepository(this.request)).isSameAs(this.contextRepo);
|
||||
}
|
||||
|
||||
// gh-3343
|
||||
|
||||
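Review bot: The three CSRF test names edited here carry a stray `t` (`getCsrfTokenRepositorytNoWac`, `getCsrfTokenRepositorytNoSecurity`, `getCsrfTokenRepositorytSecurityNoCsrf`), while the parallel `getSecurityContextRepository...` tests are spelled correctly. Since these methods are being touched anyway, rename them, e.g. `getCsrfTokenRepositoryNoWac`, so the two groups read the same in test reports. Separately, the custom-config tests assign the static fields `CustomSecurityConfig.CONTEXT_REPO` and `CSRF_REPO`. Whether anything resets them is not visible in these hunks, so a comment on that shared state would help.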